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ments to the Claims : 

This listing of claims replaces all prior versions and listings of claims in the application 



1-20. (Cancelled) 



21. (Currently Amended) A method M e thod for authenticating a user for access to at 
least two entities of a data transmission network by means of a terminal, which method includes 
the following series of steps: 

a random number is transmitted to the terminal, 

data for authenticating the user to the two entities of the network is calculated 
using at least one predefined cryptographic algorithm applied to the random number received 
and at least one secret key specific to the user, 

the terminal inserts, in an access request, data for identifying the user to said two 
entities of the network and the calculated authentication data, and transmits the access request to 
an access controller, wherein the inserted data for identifying the user comprises a distinct set of 
data for each of the two entities: 

the access controller transmits, to each of the two entities, a respective 
authentication request containing the identification data and the distinct set of inserted data for 
authenticating the user to said the respective eatities entity of the network, contained in the 
access request, 

authentication servers of the entities carry out a user authentication procedure, on 
the basis of user identification and authentication data, contained in the authentication requests, 
and 

authentication reports containing results of the authentication procedures carried 
out by the authentication servers of each of said two network entities are transmitted to the 
terminal. 
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22. (Currently Amended) M e thod The method according to claim 21, characterized in 
that it includes a preliminary step in which the terminal establishes a connection with a 
specialized server by means of the network, wherein the random number is generated and 
transmitted to the terminal by the specialized server when the connection has been established. 

23. (Currently Amended) Method The method according to claim 22, characterized in 
that the access request transmitted by the terminal is transmitted to the specialized server which 
inserts therein the random number used to calculate the authentication data, the access request is 
then transmitted to the access controller which inserts the random number into the authentication 
requests transmitted to the two entities. 

24. (Currently Amended) The method Method according to claim 21 , characterized in 
that the identification data inserted into the access request is in the form: "IdA@DomainA" in 
which: 

"IdA" represents the identifier for identifying the user to the network entity, 
"DomainA" represents the identifier of the network entity in the network, with the 
access controller determining the entities to whom the authentication requests will be transmitted 
on the basis of the "DomainA" identifiers of the network entity contained in the access request. 

25. (Currently Amended) A user User terminal capable of accessing, by means of the 
access network, at least two entities connected to a data transmission network: 

characterized in that it includes: 

means for transmitting access requests to an e ntity of th e n e twork at least two 
entities of the network , which requests contain data for identifying and authenticating the user to 
the network entity and each request being distinct : 

means for receiving a random number when a connection with the network is 
established, cryptographic calculating means for applying at least one predefined cryptographic 
algorithm to the random number received so as to obtain data for authenticating the user to at 
least two entities of the network, and means for inserting, into each transmitted access request, 
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data for identifying the user to two each network entity entities and the calculated authentication 
dat a, wherein the calculated authentication data comprises a distinct set of authentication data for 
each entity . 

26. (Currently Amended) The terminal T e rminal according to claim 25, characterized in 
that it includes an external module designed to be connected to each of the user terminals and 
including means for receiving the random number from the terminal to which it is connected, 
cryptographic calculation means for executing the predefined cryptographic algorithm based on 
the random number, and for transmitting, to the terminal, at least one data item for authenticating 
the user to an entity of the network, obtained by the cryptographic calculations. 

27. (Currently Amended) An access Access controller, characterized in that it includes 
means for receiving a requests request for access to at least two entities of a data transmission 
network coming from a_user terminals terminal and transmitted via said network, means for 
extracting, from each of the access request r oquests , the data for identifying and authenticating 
the user to at least two network entities, wherein the data for authenticating the user to at least 
two network entities comprises a distinct set of data for each of the network entities, means for 
transmitting, to each of the two entities, a respective authentication request containing the data 
for identifying and authenticating the user to a respective one of the two entities, contained in the 
access request. 

28. (Currently Amended) The access Aeeess controller according to claim 27, 
characterized in that it also includes means for receiving user authentication reports, transmitted 
by the entities in response to the authentication requests, and means for transmitting, to the user 
terminal, and authentication report based on the reports received from the entities. 

29. (Currently Amended) A system System for authenticating a user in an attempt to 
access at least two entities of a data transmission network to which network entities are 
connected, and which user terminals can access by means of access networks, characterized in 
that it includes: 
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a user terminal characterized in that it includes: 

means for transmitting access requests to an entity of the network, which requests 
contain data for identifying and authenticating the user to the network entity; and 

means for receiving a random number when a connection with the network is 
established, cryptographic calculating means for applying at least one predefined cryptographic 
algorithm to the random number received so as to obtain data for authenticating the user to at 
least two entities of the network, and means for inserting, into each transmitted access request, 
data for identifying the user to two network entities and the calculated authentication data., 
wherein the calculated authentication data comprises a distinct set of data for each of the network 

at least one authentication server for each of the two network entities, designed to 
identity and authenticate the users on the basis of identification and authentication data contained 
in the access requests received; 

an access controller characterized in that it includes means for receiving requests 
for access to at least two entities of the data transmission network coming from user terminals 
and transmitted via said network, means for extracting, from each of the access requests, the data 
for identifying and authenticating the user to at least two network entities, means for 
transmitting, to each of the two entities, a respective authentication request containing the data 
for identifying and authenticating the user to the two entities, contained in the access request. 

30. (Currently Amended) The system System according to claim 29, characterized in that 
it also includes a specialized server connected to the network so as to be connected to the user 
terminals when a connection has been established between the terminal and the network, wherein 
the specialized server includes means for generating and transmitting a random number to each 
of the terminals with which a connection is established, and means for inserting the random 
number into each of the access requests transmitted by the terminals. 



31. (Currently Amended) The system System according to claim 29, characterized in that 
each entity of the network includes means for storing secret keys of users, means for determining 



Applicant 
Serial No. 
Filed 
Page 



Transyetal. 
10/565,571 
August 2, 2006 
6 of 11 



Attorney's Docket No.: 18394- 
0017US1 / RVL/PA61423US 



the data for authenticating the user to the entity by applying the predefined algorithm to the 
random number received in a authentication request and to the secret user key, and for 
comparing the result obtained to the user authentication data received in the authentication 
request, wherein the user is properly authenticated by the entity only if the result of the 
cryptographic calculation obtained is identical to the authentication data contained in the 
authentication request. 



